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DETAILED ACTION 

In view of the pre-appeal filed on 02/14/2011, PROSECUTION IS HEREBY 
REOPENED. New grounds of rejection are set forth below. 

Response to Arguments 

Applicant's arguments with respect to Claims 25, 33, 39, 44 and 46 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 25 - 27, 30, 31, 33 - 36 and 39 - 47 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over the combination of Barriga-Caceres et al. (U.S. 2003/0163733 
A1) and Basu et al. (U.S. 6,219,539 B1). 

With respect to Claim 25, Barriga-Caceres et al. teaches a method comprising: 
• transmitting a subscriber station basic capability negotiation request (SBC- 
REQ) message to the base station, the SBC-REQ message including 
information on at least one authentication mode that can be supported by 
the subscriber station (Fig. 5B, step C-503 and Paragraph [0101]; Step 
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C-503 transmits the authentication mode selected by user, among 
different authentication mechanisms available for the user.); 

• transmitting an authentication request message corresponding to the 
selected authentication mode to the base station (Fig. 5B, step C-505 
and Paragraph [0101]). 

Barriga-Caceres et al. does not explicitly teach: 

• receiving a subscriber station basic capability negotiation response (SBC- 
RSP) message including information on an authentication mode that is 
selected by the base station among the at least one authentication mode; 
and 

Basu et al. teaches: 

• receiving a subscriber station basic capability negotiation response (SBC- 
RSP) message including information on an authentication mode that is 
selected by the base station among the at least one authentication mode 
(Col. 9, lines 35 - 46); and 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 

With respect to Claim 26, Basu et al. further teaches wherein each of the SBC- 
REQ message and the SBC-RSP message includes a parameter for selecting the 
authentication mode (Col. 9, lines 35 - 46). 
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With respect to Claim 27, Barriga-Caceres et al. further teaches wherein the 
selected authentication mode includes at least one of a digital certificate based 
authentication mode and an extensible authentication protocol (EAP) based 
authentication mode (Paragraph [0101]; "Provided that a SIM-based authentication 
had been selected, the IMSI is used as applicable identity and is encapsulated in 
an Attribute Value Pair (AVP) of an Extensible Authentication Protocol (EAP) and 
in the User-Name AVP"). 

With respect to Claim 30, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an EAP-based authentication mode, the 
authentication request message is a message for requesting the authentication by an 
authentication, authorization, and accounting (AAA) server, wherein the AAA server is 
connected to the base station and performs the authentication (Fig. 5B, AAA 44 and 
Paragraph [0101]). 

With respect to Claim 31, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an EAP-based authentication mode, the 
authentication request message includes an EAP payload, wherein the EAP payload 
includes data for the authentication (Paragraphs [0101] and [0102]). 

With respect to Claim 33, Barriga-Caceres et al. teaches a method comprising: 
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• receiving a subscriber station basic capability negotiation request (SBC- 
REQ) message from the subscriber station mode, the SBC-REQ message 
including information on at least one authentication mode that can be 
supported by the subscriber station (Fig. 5B, step C-503 and Paragraph 
[0101]; Step C-503 transmits the authentication mode selected by 
user, among different authentication mechanisms available for the 
user.); 

• transmitting a first response message to the subscriber station, the first 
response message including information on the selected authentication 
mode (Fig. 5B, step C-504 and Paragraph [0101]); 

• receiving an authentication request message corresponding to the 
selected authentication mode from the subscriber station (Fig. 5B, step C- 
505 and Paragraph [0101]); and 

• transmitting a second response message to the subscriber station, the 
second response message representing a result of the authentication 
performed in accordance with the authentication request message (Fig. 
5B, step C-513, Fig. 5C, steps C-25 or C-29). 

Barriga-Caceres et al. does not explicitly teach: 

• selecting an authentication mode from among the at least one 
authentication mode; 

Basu et al. teaches: 

• selecting an authentication mode from among the at least one 
authentication mode (Col. 9, lines 35 - 46); and 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 

With respect to Claim 34, Barriga-Caceres et al. further teaches wherein the 
authentication mode includes at least one of a digital certificate based authentication 
mode and an extensible authentication protocol (EAP) based authentication mode 
(Paragraph [0101]; "Provided that a SIM-based authentication had been selected, 
the IMSI is used as applicable identity and is encapsulated in an Attribute Value 
Pair (AVP) of an Extensible Authentication Protocol (EAP) and in the User-Name 
AVP"). 

With respect to Claim 35, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an EAP-based authentication mode, the receiving 
of the authentication request message comprises requesting an authentication, 
authorization, and accounting (AAA) server to perform an authentication through an 
standardized authentication protocol of an upper layer (Fig. 5B, AAA 44 and 
Paragraph [0101]). 

With respect to Claim 36, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an EAP-based authentication mode, the second 
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response message includes an EAP payload, wherein the EAP payload includes data 
for the authentication (Paragraphs [0101] and [0102]). 

With respect to Claim 39, Barriga-Caceres et al. teaches an apparatus 
comprising: 

• a message parser configured to receive a first message from the 
subscriber station, the first message including information on at least one 
authentication mode that can be supported by the subscriber station (Fig. 
5B, step C-503 and Paragraph [0101]; Step C-503 transmits the 
authentication mode selected by user, among different 
authentication mechanisms available for the user.); 

• an authentication reply message generator configured to transmit a 
second message including information on the selected authentication 
mode to the subscriber station (Fig. 5B, step C-504 and Paragraph 
[0101]); 

• wherein the message parser is further configured to receive an 
authentication request from the subscriber station by receiving a privacy 
key management request (PKM-REQ) message having a message type 
according to the selected authentication mode (Fig. 5B, step C-505 and 
Paragraph [0101]; The naming of the message does not provide 
further functionality and Fig. 5B, step C-505 does teach the 
limitation.); and 
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• wherein the authentication reply message generator is further configured 
to transmit a privacy key management response (PKM-RSP) message 
having a message type according to the selected authentication mode to 
the subscriber station in response to the authentication request (Fig. 5B, 
step C-513, Fig. 5C, steps C-25 or C-29). 

Barriga-Caceres et al. does not explicitly teach: 

• an authentication controller configured to select an authentication mode 
that can be performed by the base station among the at least one 
authentication mode, 

Basu et al. teaches: 

• an authentication controller configured to select an authentication mode 
that can be performed by the base station among the at least one 
authentication mode (Col. 9, lines 35 - 46); and 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 

With respect to Claim 40, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an extensible authentication protocol (EAP) based 
authentication mode, the message type of each of the PKM-REQ message and the 
PKM-RSP message is an EAP transfer including an EAP payload, wherein the EAP 
payload includes data for the authentication (Paragraphs [0101] and [0102]). 
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With respect to Claim 41 , Barriga-Caceres et al. teaches a method comprising: 

• receiving a subscriber station basic capability negotiation request (SBC- 
REQ) message from the subscriber station, the SBC-REQ message 
including a parameter representing at least one authentication mode that 
can be supported by the subscriber station (Fig. 5B, step C-503 and 
Paragraph [0101]; IMSI is the parameter); 

• transmitting a subscriber station basic capability negotiation response 
(SBC-RSP) message to the subscriber station, the SBC-RSP including a 
parameter representing the selected authentication mode (Fig. 5B, step 
C-504 and Paragraph [0101]). 

. Barriga-Caceres et al. does not explicitly teach: 

• selecting an authentication mode that can be performed by the base 
station among the at least one authentication mode; and 

Basu et al. teaches: 

• selecting an authentication mode that can be performed by the base 
station among the at least one authentication mode (Col. 9, lines 35 - 46); 
and 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 
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With respect to Claim 42, Barriga-Caceres et al. teaches further comprising: 

• receiving a privacy key management request (PKM-REQ) message 
having a message type according to the selected authentication mode 
(Fig. 5B, step C-505 and Paragraph [0101]); and 

• transmitting a privacy key management response (PKM-RSP) message 
having a message type according to the selected authentication mode to 
the subscriber station in response to the PKM-REQ message (Fig. 5B, 
step C-513, Fig. 5C, steps C-25 or C-29). 

With respect to Claim 43, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an extensible authentication protocol (EAP) based 
authentication mode, the message type of each of the PKM-REQ message and the 
PKM-RSP message is an EAP transfer including an EAP payload, wherein the EAP 
payload includes data for the authentication (Paragraphs [0101] and [0102]). 

With respect to Claim 44, Barriga-Caceres et al. teaches a method comprising: 

• setting an extensible authentication protocol (EAP) based authentication 
mode as an authentication mode by negotiating with the subscriber 
station, (Fig. 5B, steps C-503, C-504 and Paragraph [0101]); 

• receiving an authentication request by receiving a privacy key 
management request (PKM-REQ) message from the subscriber station, 
the PKM-REQ message having a message type according to the EAP- 
based authentication mode (Fig. 5B, step C-505 and Paragraph [0101]); 
and 
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• transmitting a privacy key management response (PK_M-RSP) message 
to the subscriber station in response to the authentication request, the 
PKM-RSP message having a message type according to the EAP based 
authentication mode (Fig. 5B, step C-513, Fig. 5C, steps C-25 or C-29). 

Barriga-Caceres et al. does not explicitly teach: 

• wherein the EAP based authentication mode is selected by the base 
station from among at least one authentication mode that can be 
supported by the subscriber station, 

Basu et al. teaches: 

• wherein the EAP based authentication mode is selected by the base 
station from among at least one authentication mode that can be 
supported by the subscriber station (Col. 9, lines 35 - 46); and 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 

With respect to Claim 45, Barriga-Caceres et al. further teaches wherein the 
message type of each of the PKM-REQ message and the PKM-RSP message is an 
EAP transfer including an EAP payload, and the EAP payload includes data for the 
authentication (Paragraphs [0101] and [0102]). 
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With respect to Claim 46, Barriga-Caceres et al. teaches an apparatus 
comprising: 

• an authentication request message generator configured to transmit a first 
message to the base station, the first message including information on at 
least one authentication mode that can be supported by the subscriber 
station (Fig. 5B, step C-503 and Paragraph [0101]; Step C-503 
transmits the authentication mode selected by user, among different 
authentication mechanisms available for the user.); and 

• an authentication reply message parser configured to receive a second 
message from the base station, (Fig. 5B, step C-504 and Paragraph 
[0101]); 

• wherein the authentication request message generator is further 
configured to receive an authentication by transmitting a privacy key 
management request (PKM-REQ) message to the base station, the PKM- 
REQ message having a message type according to the selected 
authentication mode (Fig. 5B, step C-505 and Paragraph [0101]); and 

• wherein the authentication reply message parser is further configured to 
receive a privacy key management response (PKM-RSP) message having 
a message type according to the selected authentication mode from the 
base station in response to the authentication request (Fig. 5B, step C- 
513, Fig. 5C, steps C-25 or C-29). 

Barriga-Caceres et al. does not explicitly teach: 
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• the second message including information on an authentication mode 
selected by the base station among the at least one authentication mode, 

Basu et al. teaches: 

• the second message including information on an authentication mode 
selected by the base station among the at least one authentication mode 
(Col. 9, lines 35 -46); and 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to have base station 
select the authentication mode, as taught by Basu et al., to facilitate the process of 
authentication. 

With respect to Claim 47, Barriga-Caceres et al. further teaches wherein, when 
the selected authentication mode is an extensible authentication protocol (EAP) based 
authentication mode, the message type of each of the PKM-REQ message and the 
PKM-RSP message is an EAP transfer including an EAP payload, and wherein the EAP 
payload includes data for the authentication (Paragraphs [0101] and [0102]). 

Claims 28, 29, 32, 37 and 38 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over the combination of Barriga-Caceres et al. (U.S. 2003/0163733 A1) 
and Basu et al. (U.S. 6,219,539 B1) as applied to Claims 25 and 33 above, and further 
in view of Aura (U.S. 7,272,381 B2). 

With respect to Claim 28, Barriga-Caceres et al. teaches all of the limitations in 
Claim 25 as discussed above. Barriga-Caceres et al. further teaches the authentication 
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request message is a message for requesting the authentication by the base station 
(Fig. 5B, step C-505 and Paragraph [0101]). 

Barriga-Caceres et al. does not explicitly teach " when the selected authentication 
mode is a digital certificate based authentication mode , the authentication request 
message is a message for requesting the authentication by the base station." 

Aura teaches the use of various global identifiers, including home IP, MAC 
address or GSM IMSI, to identify misuse of the mobile access network and to function 
as a trust parameter for secure transmission (Col. 13, lines 38 - 67). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to include digital 
identifiers, as taught by Aura, to secure the transmission between two nodes. 

With respect to Claim 29, Barriga-Caceres et al. teaches all of the limitations in 
Claim 25 as discussed above. Barriga-Caceres et al. further teaches the authentication 
request message includes an authentication information message and an authorization 
request message (Fig. 5B, step C-505 and Paragraph [0101]). 

Barriga-Caceres et al. does not explicitly teach " when the selected authentication 
mode is a digital certificate based authentication mode , the authentication request 
message includes an authentication information message and an authorization request 
message." 

Aura teaches the use of various global identifiers, including home IP, MAC 
address or GSM IMSI, to identify misuse of the mobile access network and to function 
as a trust parameter for secure transmission (Col. 13, lines 38 - 67). 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to include digital 
identifiers, as taught by Aura, to secure the transmission between two nodes. 

With respect to Claim 32, Barriga-Caceres et al. teaches all of the limitations in 
Claim 25 as discussed above. Barriga-Caceres et al. further teaches wherein the 
authentication request message is a privacy key management request (PKM-REQ) 
message (Fig. 5B, step C-505 and Paragraph [0101]). 

Barriga-Caceres et al. does not explicitly teach "wherein the authentication 
request message is a privacy key management request (PKM-REQ) message included 
in a medium access control (MAC) message ." 

Aura teaches the use of various global identifiers, including home IP, MAC 
address or GSM IMSI, to identify misuse of the mobile access network and to function 
as a trust parameter for secure transmission (Col. 13, lines 38 - 67). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to include digital 
identifiers, as taught by Aura, to secure the transmission between two nodes. 

With respect to Claim 37, Barriga-Caceres et al. teaches all of the limitations in 
Claim 33 as discussed above. Barriga-Caceres et al. further teaches the second 
response message includes an authentication reply message (Fig. 5B, step C-513, Fig. 
5C, steps C-25 or C-29). 
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Barriga-Caceres et al. does not explicitly teach " when the selected authentication 
mode is a digital certificate based authentication mode , the second response message 
includes an authentication reply message." 

Aura teaches the use of various global identifiers, including home IP, MAC 
address or GSM IMSI, to identify misuse of the mobile access network and to function 
as a trust parameter for secure transmission (Col. 13, lines 38 - 67). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to include digital 
identifiers, as taught by Aura, to secure the transmission between two nodes. 

With respect to Claim 38, Barriga-Caceres et al. teaches all of the limitations in 
Claim 33 as discussed above. Barriga-Caceres et al. further teaches wherein the 
second response message is a privacy key management response (PKM-RSP) 
message (Fig. 5B, step C-505 and Paragraph [0101]). 

Barriga-Caceres et al. does not explicitly teach "wherein the second response 
message is a privacy key management response (PKM-RSP) message included in a 
medium access control (MAC) message ." 

Aura teaches the use of various global identifiers, including home IP, MAC 
address or GSM IMSI, to identify misuse of the mobile access network and to function 
as a trust parameter for secure transmission (Col. 13, lines 38 - 67). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method in Barriga-Caceres et al. to include digital 
identifiers, as taught by Aura, to secure the transmission between two nodes. 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to STAMFORD HWANG whose telephone number is 
(571)270-5578. The examiner can normally be reached on Monday ~ Friday 9:00AM 
ET~ 6:00PM ET. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Charles Appiah can be reached on (571)272-7904. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/STAMFORD HWANG/ 
Examiner, Art Unit 2617 
/Patrick N. Edouard/ 

Supervisory Patent Examiner, Art Unit 2617 



